CVE-2024-58251
LOWDescription
In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2024-58251? +
How severe is CVE-2024-58251? +
How do I check if I'm vulnerable to CVE-2024-58251? +
Related Vulnerabilities
http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML …
Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find …
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was …
Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the …
Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish …
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric …